VDB
DEBIAN-CVE-2015-0250
DEBIAN-CVE-2015-0250
PUBLISHED
CVSS 8.800000190734863 HIGH
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Risk Scores
CVSS v4.0
8.800000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | batik | 0, 0, 0 |
| Debian:11 | batik | 0, 0, 0 |
| Debian:12 | batik | 0, 0, 0 |
| Debian:13 | batik | 0, 0, 0 |
Timeline
- Mar 24, 2015 CVE Published
- Apr 28, 2026 CVE Updated